Understanding Routing Table

Posted on in Categories , , , last updated March 13, 2008

Q.What is a routing table? Can you explain its usage under Linux / UNIX operating system?

A. Almost all computers and network devices connected to Internet use routing tables to compute the next hop for a packet. It is electronic table that is stored in a router or a networked computer. The routing table stores the routes (and in some cases, metrics associated with those routes) to particular network destinations. This information contains the topology of the network immediately around it. The construction of routing table is the primary goal of routing protocols and static routes.

Each Linux / UNIX / Windows or any computer that uses TCP/IP need to make routing decision. Routing table is used to control these decisions. To display routing table type the following command at UNIX / Linux shell prompt:
$ netstat -r -n
$ route -n
Sample output:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface   U     0      0        0 eth0   U     0      0        0 ra0     U     1000   0        0 eth0         UG    100    0        0 ra0

If you are using Windows Server type the following at a command prompt:
c:> route print
Flag G indicates path to route packets via a gateway. If you would like to visit yahoo.com from your computer you need to go via gateway. This usually means that you have to set up a static route to the gateway beforehand. If you specify the address of one of your local interfaces, it will be used to decide about the interface to which the packets should be routed to. metric field used by routing daemons. This is required on large LAN and wan setups. The output of the kernel routing table is organized in the following columns:

  • Destination : The destination network or destination host.
  • Gateway : The gateway address or ’*’ if none set.
  • Genmask : The netmask for the destination net; for a host destination and for the default route.
  • Flags : Possible flags include
    • U (route is up)
    • H (target is a host)
    • G (use gateway)
    • R (reinstate route for dynamic routing)
    • D (dynamically installed by daemon or redirect)
    • M (modified from routing daemon or redirect)
    • A (installed by addrconf)
    • C (cache entry)
    • ! (reject route)
  • Metric : The distance to the target (usually counted in hops). It is not used by recent kernels, but may be needed by routing daemons.
  • Ref : Number of references to this route. (Not used in the Linux kernel.)
  • Use : Count of lookups for the route. Depending on the use of -F and -C this will be either route cache misses (-F) or hits (-C).
  • Iface : Interface to which packets for this route will be sent.
  • MSS : Default maximum segment size for TCP connections over this route.
  • Window : Default window size for TCP connections over this route.
  • irtt : Initial RTT (Round Trip Time). The kernel uses this to guess about the best TCP protocol parameters without waiting on (possibly slow) answers.
  • HH (cached only) : The number of ARP entries and cached routes that refer to the hardware header cache for the cached route. This will be -1 if a hardware address is not needed for the interface of the cached route (e.g. lo).
  • Arp (cached only) : Whether or not the hardware address for the cached route is up to date.

Your routing table is created automatically, based on the current TCP/IP configuration of your Linux / UNIX computer. You can manually add / modify / edit routing table using route and ip command. The types of entries in a routing table:

  • Network Route: A route (path) to a specific Network ID in the internetwork.
  • Host Route : A route to a specific internetwork address (Network ID and Host ID). Host routes allow intelligent routing decisions to be made for each network address. Host routes are used to create custom routes to control or optimize specific types of network traffic.
  • Default Route: A route that is used when no other routes for the destination are found in the routing table. If a router or end system (such as a PC running Microsoft Windows or Linux), cannot find a route for a destination, the default route is used. The default route is used if no other host or network route matches the destination address. Please see related FAQs below for more examples of route and ip command.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

11 comment

  1. I am trying to get a better understanding of the concept of routing tables in an ip network . I did find this basic information useful and will really appreciate and more such information that is sent to me .

  2. “-Network Route: A route (path) to a specific Network ID in the internetwork.
    -Host Route : A route to a specific internetwork address (Network ID and Host ID).”

    Can you tell me the difference between these two definition ?

  3. Being a novice I need more. You tell what the Flag basic definitions are, but that still doesn’t tell me which are good flags to see and which are bad. Further information that explains what each of those flag readings mean would be helpful.

    I suspect my readings are good, since every diagram I have seen show the flags to be either: U, UH or UG, and my flags are shown as UH, U and U.

Comments are closed.